238 lines
9.4 KiB
C#
Raw Normal View History

//------------------------------------------------------------
// Copyright (c) Microsoft Corporation. All rights reserved.
//------------------------------------------------------------
namespace System.ServiceModel.Security
{
using System.Collections.Generic;
using System.ServiceModel.Channels;
using System.ServiceModel;
using System.ServiceModel.Description;
using System.ServiceModel.Security.Tokens;
using System.Collections.ObjectModel;
using System.IdentityModel.Policy;
using System.IdentityModel.Selectors;
using System.IdentityModel.Tokens;
using System.Xml;
using System.Runtime.CompilerServices;
class SecurityStandardsManager
{
static SecurityStandardsManager instance;
readonly SecureConversationDriver secureConversationDriver;
readonly TrustDriver trustDriver;
readonly SignatureTargetIdManager idManager;
readonly MessageSecurityVersion messageSecurityVersion;
readonly WSUtilitySpecificationVersion wsUtilitySpecificationVersion;
readonly SecurityTokenSerializer tokenSerializer;
WSSecurityTokenSerializer wsSecurityTokenSerializer;
[MethodImpl(MethodImplOptions.NoInlining)]
public SecurityStandardsManager()
: this(WSSecurityTokenSerializer.DefaultInstance)
{
}
public SecurityStandardsManager(SecurityTokenSerializer tokenSerializer)
: this(MessageSecurityVersion.WSSecurity11WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11, tokenSerializer)
{
}
public SecurityStandardsManager(MessageSecurityVersion messageSecurityVersion, SecurityTokenSerializer tokenSerializer)
{
if (messageSecurityVersion == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentNullException("messageSecurityVersion"));
if (tokenSerializer == null)
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("tokenSerializer");
this.messageSecurityVersion = messageSecurityVersion;
this.tokenSerializer = tokenSerializer;
if (messageSecurityVersion.SecureConversationVersion == SecureConversationVersion.WSSecureConversation13)
this.secureConversationDriver = new WSSecureConversationDec2005.DriverDec2005();
else
this.secureConversationDriver = new WSSecureConversationFeb2005.DriverFeb2005();
if (this.SecurityVersion == SecurityVersion.WSSecurity10 || this.SecurityVersion == SecurityVersion.WSSecurity11)
{
this.idManager = WSSecurityJan2004.IdManager.Instance;
}
else
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperError(new ArgumentOutOfRangeException("messageSecurityVersion", SR.GetString(SR.MessageSecurityVersionOutOfRange)));
}
this.wsUtilitySpecificationVersion = WSUtilitySpecificationVersion.Default;
if (messageSecurityVersion.MessageSecurityTokenVersion.TrustVersion == TrustVersion.WSTrust13)
this.trustDriver = new WSTrustDec2005.DriverDec2005(this);
else
this.trustDriver = new WSTrustFeb2005.DriverFeb2005(this);
}
public static SecurityStandardsManager DefaultInstance
{
get
{
if (instance == null)
instance = new SecurityStandardsManager();
return instance;
}
}
public SecurityVersion SecurityVersion
{
get { return this.messageSecurityVersion == null ? null : this.messageSecurityVersion.SecurityVersion; }
}
public MessageSecurityVersion MessageSecurityVersion
{
get { return this.messageSecurityVersion; }
}
public TrustVersion TrustVersion
{
get { return this.messageSecurityVersion.TrustVersion; }
}
public SecureConversationVersion SecureConversationVersion
{
get { return this.messageSecurityVersion.SecureConversationVersion; }
}
internal SecurityTokenSerializer SecurityTokenSerializer
{
get { return this.tokenSerializer; }
}
internal WSUtilitySpecificationVersion WSUtilitySpecificationVersion
{
get { return this.wsUtilitySpecificationVersion; }
}
internal SignatureTargetIdManager IdManager
{
get { return this.idManager; }
}
internal SecureConversationDriver SecureConversationDriver
{
get { return this.secureConversationDriver; }
}
internal TrustDriver TrustDriver
{
get { return this.trustDriver; }
}
WSSecurityTokenSerializer WSSecurityTokenSerializer
{
get
{
if (this.wsSecurityTokenSerializer == null)
{
WSSecurityTokenSerializer wsSecurityTokenSerializer = this.tokenSerializer as WSSecurityTokenSerializer;
if (wsSecurityTokenSerializer == null)
{
wsSecurityTokenSerializer = new WSSecurityTokenSerializer(this.SecurityVersion);
}
this.wsSecurityTokenSerializer = wsSecurityTokenSerializer;
}
return this.wsSecurityTokenSerializer;
}
}
internal bool TryCreateKeyIdentifierClauseFromTokenXml(XmlElement element, SecurityTokenReferenceStyle tokenReferenceStyle, out SecurityKeyIdentifierClause securityKeyIdentifierClause)
{
return this.WSSecurityTokenSerializer.TryCreateKeyIdentifierClauseFromTokenXml(element, tokenReferenceStyle, out securityKeyIdentifierClause);
}
internal SecurityKeyIdentifierClause CreateKeyIdentifierClauseFromTokenXml(XmlElement element, SecurityTokenReferenceStyle tokenReferenceStyle)
{
return this.WSSecurityTokenSerializer.CreateKeyIdentifierClauseFromTokenXml(element, tokenReferenceStyle);
}
internal SendSecurityHeader CreateSendSecurityHeader(Message message,
string actor, bool mustUnderstand, bool relay,
SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
{
return this.SecurityVersion.CreateSendSecurityHeader(message, actor, mustUnderstand, relay, this, algorithmSuite, direction);
}
internal ReceiveSecurityHeader CreateReceiveSecurityHeader(Message message,
string actor,
SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
{
ReceiveSecurityHeader header = TryCreateReceiveSecurityHeader(message, actor, algorithmSuite, direction);
if (header == null)
{
if (String.IsNullOrEmpty(actor))
throw System.ServiceModel.Diagnostics.TraceUtility.ThrowHelperError(new MessageSecurityException(
SR.GetString(SR.UnableToFindSecurityHeaderInMessageNoActor)), message);
else
throw System.ServiceModel.Diagnostics.TraceUtility.ThrowHelperError(new MessageSecurityException(
SR.GetString(SR.UnableToFindSecurityHeaderInMessage, actor)), message);
}
return header;
}
internal ReceiveSecurityHeader TryCreateReceiveSecurityHeader(Message message,
string actor,
SecurityAlgorithmSuite algorithmSuite, MessageDirection direction)
{
return this.SecurityVersion.TryCreateReceiveSecurityHeader(message, actor, this, algorithmSuite, direction);
}
internal bool DoesMessageContainSecurityHeader(Message message)
{
return this.SecurityVersion.DoesMessageContainSecurityHeader(message);
}
internal bool TryGetSecurityContextIds(Message message, string[] actors, bool isStrictMode, ICollection<UniqueId> results)
{
if (results == null)
{
throw DiagnosticUtility.ExceptionUtility.ThrowHelperArgumentNull("results");
}
SecureConversationDriver driver = this.SecureConversationDriver;
int securityHeaderIndex = this.SecurityVersion.FindIndexOfSecurityHeader(message, actors);
if (securityHeaderIndex < 0)
{
return false;
}
bool addedContextIds = false;
using (XmlDictionaryReader reader = message.Headers.GetReaderAtHeader(securityHeaderIndex))
{
if (!reader.IsStartElement())
{
return false;
}
if (reader.IsEmptyElement)
{
return false;
}
reader.ReadStartElement();
while (reader.IsStartElement())
{
if (driver.IsAtSecurityContextToken(reader))
{
results.Add(driver.GetSecurityContextTokenId(reader));
addedContextIds = true;
if (isStrictMode)
{
break;
}
}
else
{
reader.Skip();
}
}
}
return addedContextIds;
}
}
}